If you're using sendmail, you can blacklist using cn.countries.nerd.dk at the sendmail level, and use
See http://blue-labs.org/howto/access_hints.php for tips on how to use sendmail's access file to whitelist senders (and recipients) who might otherwise be blocked by rbls. Connect:your.friend.cn OK (or their mail server's IP) in /etc/mail/access to override the rbl. See http://blue-labs.org/howto/access_hints.php for the details. Cheers, Phil -- Phil Randal Network Engineer Herefordshire Council Hereford, UK > -----Original Message----- > From: Matt Hampton [mailto:[EMAIL PROTECTED] > Sent: 24 November 2006 10:27 > To: Jeremy Fairbrass > Cc: users@spamassassin.apache.org > Subject: Re: RBL checks and -lastexternal > > Jeremy Fairbrass wrote: > > I want to block all emails that come from an IP in China > (where the IP is > > the one connecting to me), *BUT* I want to exclude a > particular server in > > China that is used by a friend who I trust, for example. > How could I do > > that? > > Do you managed the MTA? If you do this would be an ideal > case for using > the zz.countries.nerd.dk as a RBL and then whitelist the server at MTA > level. > > Well, I guess I could make a meta rule that combines my > > zz.countries.nerd.dk rules with something else that > prevents those rules > > from working if the trusted IP is found within the Received > header or > > something - but that would be fiddly, and would be a > nuisance if I had a > > whole bunch of IPs that I wanted to whitelist. It would > obviously be much > > easier if I could simply trust/exclude from testing all the > IPs listed in > > trusted_networks. > > > matt >
